NCSC urges vigilance in wake of cyber attack
- Author: Arturo Norris May 20, 2017,
May 20, 2017, 14:08
With the published system vulnerabilities, hackers can carry out the attacks and cause serious consequences. "An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen". However, if your devices have been infected by WannaCry - the malware that has affected the NHS' computer system - the ransomware will lock your entire PC.
Calling for a "Digital Geneva Convention", Microsoft's Smith said the widespread damage caused by the ransomware shows that governments need to treat cyber weapons the same way they treat conventional weapons. Security firm Avast released a report, according to which the company had seen around 75000 cases of Ransomware around the globe by the name of WannaCry and other similar names.
He added the current situation has to be a wake-up call for governments.
The virus exploits a vulnerability in Microsoft Windows software, first identified by the US National Security Agency.
Ransomware is a type of malicious software created to block access to a computer system or data until a ransom is paid. The WannaCry Ransomware attack was such that it led to shutting down of hospitals, universities, warehouses, ATMs and banks.
Twitter users around the world posted complaints about their computers shutting down and posted photos of the ransom demands on their computer screens.
The National Security Agency (NSA) alerted Microsoft about the issue three months ago and Microsoft released an upgrade that patched the flaw, but many users were yet to run it, CNN reported.
The cybercriminals spread the WannaCry ransomware by taking advantage of a Windows vulnerability, which was fixed by Microsoft Corporation (NASDAQ: MSFT) in March.
"I still expect another to pop up and be fully operational", Kalember said.
On the 12th of May 2017, a new strain of the Ransom.CryptXXX (WannaCry) strain of ransomware began spreading, impacting a large number of organisations in Europe, demanding a ransom of $300 to $600 in Bitcoin to be paid by the 15th of May 2017.
"Right now, just about every IT department has been working all weekend rolling this out", Dan Wire, spokesman at Fireeye Security, said.
The full cost of the attack and associated computer outages is not yet known, but is now being estimated in the range of hundreds of millions of dollars.
"The malware enters the system through phishing emails or when the user clicks on unknown links".
"MeitY has initiated contact with relevant stakeholders in public and private sector to "patch" their systems as prescribed in the advisory issued by CERT-IN".